In this Interview with the Hong Kong Monetary Authority’s Stewart McGlynn, who leads the Regulators Anti Money Laundering Team, Financial Crime News wanted to know more about HK, the risks and threats, de risking, the recent FATF Report, follow up actions, Regtech, PPP and much more besides. The interview reveals that HK has achieved a lot but also has plans to do more, much of which is exciting and offers the prospects for increased efficiency and effectiveness in fighting financial crime.

FCN: HK is one of the largest and most respected international financial and trading centres, but what attributes do you think are necessary to build and maintain this reputation?

SM: There are several key attributes which overlap to some degree and which can be related directly to anti-money laundering work. These are monetary and financial stability – the HKMA’s core mission; the capacity of our financial services industry – specifically the ongoing upgrading of competence and skills, which we have often referred to as the “soft power” of the industry; the issue of financial inclusion – how the financial services industry serves economic activities in the whole community, including those market segments that may be less profitable; the role of technology – a fast-changing aspect of how we all do business, which brings huge potential benefits, but also some serious possible threats; and the overall concept of culture – the individual and corporate qualities upon which trust in the system is founded. These include qualities like integrity, honesty, professionalism and openness.

FCN: HK’s position as a hub for finance and trade also presents risks, what are the most concerning, particularly for FI’s.

SM:While the FATF assessment in the mutual evaluation report (MER) commended the good understanding of ML/TF risks of the banking sector, the report also highlighted the need to deepen that understanding in the light of evolving risks. Hong Kong’s status as an international finance, trade and transport hub makes it susceptible to a number of risks all of which are covered in Hong Kong’s ML/TF risk assessment report published in April 2018; those arising from being a transit point for cross-border illicit funds flows feature prominently for banks, particularly for the retail segment. Transnational fraud syndicates are a significant part of the threat but other predicate offences to which banks are vulnerable and in respect of which more work is being done include foreign tax evasion and foreign corruption. Trade based money laundering is also another area of concern while Hong Kong’s role in global trade also brings high levels of geopolitical risks; sanction regimes continue to be on the agenda of our banks.

Looking at these issues from the banks’ perspective, the risks often manifest themselves as networks for which the predicate may not be known and in that respect the MER recognized the use of network analytics by some of our larger banks as a means to improve detection; we are certainly seeing good progress in that area and I am optimistic that together with greater collaboration, the regime in Hong Kong can collectively achieve better outcomes in AML. work.

FCN: Has the issue around de risking or access to banking in HK particularly for SME’s improved?

SM:As far as access to banking services by corporates, particularly SMEs is concerned, our overall aim is to maintain an effective risk-based AML/CFT regime that does not impact the activities of legitimate businesses. We don’t believe these goals are mutually exclusive but we also recognise it can be challenging for FIs to get it right all of the time, so we have worked closely with both the banking industry and the business community to improve customer experience. Banks have taken a number of measures such as establishing review mechanisms for unsuccessful account opening applications, providing “pre-vetting” services as well as launching Simple Bank Accounts (SBAs) earlier in 2019 to provide basic banking services with less extensive customer due diligence measures.

On our part we have strengthened communication and feedback from customers through various channels and also completed two pieces of supervisory work looking at the issue from different angles. The first was a mystery shopping programme, focusing on the customer interface aspect and the second a thematic review on how the risk-based approach was being applied during the on-boarding process. We followed up with training and guidance.

These efforts have all contributed to improvements being seen but we continue to monitor closely: the retail banking sector opens on average about 10,000 new business accounts per month, with over 50% of them relating to SMEs and start-up companies, while on average over 1,000 non-local SMEs and start-up companies open business accounts every month. The average unsuccessful rate of account opening applications is currently around 5%, representing a substantive improvement from around 10% in early 2016.

FCN: When is the next Hong Kong Risk Assessment due to be published?

SM:This is something we get asked frequently and I think it is important to dispel the myth that risk assessment is a one-off exercise. Most banks now recognise this as a continuing process that updates current risks on an ongoing basis while also flagging emerging risks. By way of example, following the publication of the Hong Kong ML/TF Risk Assessment Report published in 2018, we published an updated risk assessment of the Stored Value Facility sector (e-payment and pre-paid card providers etc.) in July 2019. The process for updating the Hong Kong assessment has started and the MER notes the intention to update the risk assessment every three years (i.e. the next one by the end of 2021); but that should be the culmination of many different pieces of work, within industry and the Government. Given the enhanced capabilities that now exist or are being developed in the banking sector, particularly in terms of network analytics, we are giving a lot of thought to how that process can deliver greater value to the industry in some key risk areas and drive a better collective understanding and targeting of threats throughout the whole regime.

FCN: What did you make of the FATF Report and what do you think the main highlights were?

SM:Overall the Report is positive and concludes that Hong Kong has a generally sound and effective AML/CFT system. Some key areas have been highlighted where further work needs to be done to strengthen the regime, such as reviewing money laundering threats arising from foreign crimes like corruption and tax crimes. But as far as the banking sector is concerned we were reasonably satisfied with the outcome and feel that the heavy lifting the banking sector has done in Hong Kong in recent years has been highlighted in a number of ways throughout the Report.

We have also been able to demonstrate that controls and supervision in our banking system are risk-based and in line with international standards.

But we are also acutely aware that a good MER is not an end in itself, it is a means to build a more effective, efficient system that delivers real outcomes to society. With that in mind we have also taken a step back at the HKMA and used the experience to ask ourselves whether the system is working as well as we would like it to be. What does the report mean for us at the HKMA and for the industry? And more importantly how should the HKMA drive change in the post-FATF evaluation regime?

FCN: What are the main actions coming out of the FATF Evaluation?

SM:We have already communicated to banks the major themes around which we intend to focus our efforts post-evaluation.

The first of these is our understanding of risk, particularly emerging risks, so that our response is sufficiently targeted. To this end, we have communicated with banks the need to review and update risk assessments and how the HKMA is also updating its own understanding of ML/TF risks at both the institutional and sectoral level. This will provide a critical element of the evidence base to determine our risk-based response in years to come.

The second item is the importance of quality and timeliness in suspicious transaction reporting. This is an interesting discussion with the private sector, who are at different stages of their evolution in being able to deliver. At the top end of the spectrum we have a number of banks who can apply very sophisticated analytics and investigative skills to deliver to – and work with – law enforcement in a truly collaborative fashion, while at the other end you have more responsive reporting of higher volume and arguably lower quality. These observations are reflected in the MER and measures to address feature in a number of ongoing pieces of work.

The third area is the ongoing review of the approach we and the sector take to AML work to make sure we focus more on outcomes than processes and the tools which are needed for such an approach. This thinking also aligns to one of the priorities under the Chinese Presidency of the FATF, that is, to identify challenges and areas for enhancement in AML/CFT supervision. We want our banks to focus efforts in areas which may offer the greatest potential to address ML/TF risks, to continue to develop the public-private information-sharing approach developed under the Fraud and Money Laundering Intelligence Task Force while at the same time accelerate exploration into how technology can be used to more effectively and efficiently combat ML/TF risks, such as analytics in monitoring.

FCN: A lot is happening as far as innovation and new technology is concerned with prospects to improve effectiveness and efficiency – what’s Hong Kong’s take on these and are there any areas in particular you are excited about?

SM:The challenge for the HKMA and indeed all regulators is how to instigate change and promote responsible innovation. That seems to be the challenge we are all grappling with. We are already offering bespoke regulatory support through our Fintech Supervisory Chatroom and providing a Fintech Supervisory Sandbox so that innovative products can be tested before being widely launched. In these forums we have offered early supervisory responses to new ideas and supported proofs of concept that we believe are viable, based on the use case examples. We believe that this has encouraged banks to embrace new ways of doing things and more banks are exploring how technology can help make compliance processes more efficient and effective. At the present moment this has generally meant technologies that improve efficiency across key areas such as screening and monitoring, applying machine learning to reduce false positives or robotics process automation to make highly manual processes more efficient and allow analysts to concentrate their time on more impactful analysis.

But if we are to really ‘move the needle’ we need to see innovation at scale, a more collective response. This means exploring responsible innovation across all banks while also challenging our thinking on how we tackle some of the most difficult problems, such as criminal networks that sit across the sector and don’t respect borders, by better exploiting larger pools of data through analytics.

This relates to willingness and appetite to leverage these developments within the eco-system that is our AML regime. This is the collaboration part, to make better use of mechanisms which have the potential to significantly boost our efforts, for example public-private information sharing partnerships.

To advance our thinking we have been working with an international consulting firm and are now at the point where we have a clearer vision of what we need to do next and how we want to do it. We are going to launch this work with a many-to-many AML / Regtech event later this month which will be attended by banks, technology companies and a number of other stakeholders in the AML regime. The event will make clear that the approach will be collaborative and highlight the peer groups and relevant stakeholders that need to come together to collectively own and drive the agenda forward.

Our thinking is also advanced with regard to international standards and global developments in AML; we recently attended the 2019 conference of partnerships led by the Royal United Services Institute whose Financial Intelligence Sharing Programme has quickly developed into one of the world’s most distinctive platforms for thought leadership in promoting real change in the way we counter financial crime.

FCN: Is HK looking into / support the creation and development of utilities?

SM:We remain open to any opportunity to modernise AML work and have encouraged banks to explore the greater use of technology, including remote on-boarding initiatives and know-your-customer-utilities, to improve risk management, reduce compliance costs and improve customer experience in terms of transparency and efficiency in the customer due diligence (“CDD”) process.

The Hong Kong Association of Banks has been leading work on utilities, including a Proof of Concept exercise and is currently working on relevant foundational elements that might be required. Some of that work has taught us that we should not limit ourselves to a particular view of what form a utility might look like; especially with fast-growing technological development the principles of reducing duplication and sharing of information and services are something that are increasingly becoming a feature of the AML regulatory landscape.

FCN: What final advice would you give to FI’s on fighting financial crime, either in HK or elsewhere?

SM: There is a huge amount of change in anti-money laundering work right now and a lot of the discussion is around the potential from innovation in the context of RegTech, but this is only part of the story. Efforts to increase industry collaboration and experience sharing, based on the fact most FIs are on the same journey, will help ensure that efforts are sufficiently focused on effectiveness in addition to technical compliance with laws and regulations.

There is still much to be done on how we collectively communicate priorities that allow financial institutions to better allocate resources to higher value work that will have the greatest impact. Central to this is the way we collaborate with law enforcement and relevant stakeholders, and the role of regulatory support. How we develop information sharing will also be a key driver to making our efforts more effective. wAt the same time, we must not lose sight of the value of good old fashioned know-your-customer information and data in achieving our goals, albeit here the discussion is shifting from “do you have the data?” to “how do you capture and structure the data and what tools do you have to analyse and corroborate with other data and share such within the ecosystem.

Stewart McGlynn is the Division Head of AML at the Hong Kong Monetary Authority, where he has been working since 2011 and prior to that he held various roles in the Hong Kong Police.

Seventy years ago, this week, the United Nations Convention for the Suppression of the Traffic...

Publishing FCN 3

When I started Financial Crime News, I wanted to offer a digestible collection of both interesting and relevant materials to arm financial crime fighter’s with additional tools to help enable them to do their work. Read more…

We use cookies to give you the best online experience. Please let us know if you agree to all of these cookies. Cookie settingsACCEPT

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these cookies, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may have an effect on your browsing experience.

Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.

Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.